@rtcandrew wrote:
Hi all,
I know there is a vast amount of discussions online about CISSP but unfortunately, i can not find such information directed at my current situation.
I am currently on the other side of security as a Physical Security Manager for a corporate company. Although this is the case, as i have moved up the ladder in my career it becomes apparent within my company and others to be at director level, knowledge of IT Security is sought after.
i understand the experience requirements and checked the CISSP outline. Within my role i believe to have hit the below from ground level to managing of multiple sites for 5+ years:
security and risk management
asset security
security operations
In terms of qualifications i currently hold i have Network+, Security+ and am a Certified Security Management Professional.
My question is, do you think the CISSP would be a beneficial certification for me in moving up the ladder in my current situation?
Thanks all.
Andrews,
You are definitely on the right track, and yes, I think CISSP could be a beneficial goal for you.. I was not familiar with CSMP, so a quick web search indicated it is primarily UK certification I highly recommend investigating the CPP from ASIS International. That is the premier physical security certification in USA, and appear to have a significant international presence. Further, ASIS recognizes the InfoSec aspects of modern physical security, and supports members who have the CISSP.
Physical security was one of the ten original CISSP CBK domains in the initial build of the CISSP. It is now embedded into several of the current eight domains, as you noted in your own experience. In t e world of physical security, a full understanding of information / cyber security is essential to manage the security camera networks, the identity and access management hardware and networks, and even the security alarm systems for your facilities.
Yes, I do recommend you dive into both the CPP and the CISSP.
Good luck and best regards,
Craig
CISSP would be beneficial, should you see yourself in IT infrastructure management career advancement. It could open doors for you going forward. However, CISSP exam is not an easy one, as you are probably well aware of.
Other options would be risk manager, risk auditor or IT auditor. and all of them are also sought after by organizations. The related exams would probably be more aligned with your current experiences, and maybe a ted bit easier.
Best of luck,
As Josh wrote, CISSP is the gold standard. Get it if you can.
@Jerry wrote:As Josh wrote, CISSP is the gold standard. Get it if you can.
Jerry & Josh @joshmena ,
Uh, please note that "CISSP is the Gold Standard" pretty much because (ISC)2 keeps telling folks it is. It is good; it can be valuable; earning it does help educate you (if done correctly); I have had it for 17 years, and have never regretted earning or keeping it.
However, really .... ask yourself,, "Gold standard for what?"
Suggested reading :
1984 by George Orwell
Propaganda by Edward Bernays
Grandpa Rob @rslade and Diana @dcontesti as high-time CISSPs, please feel free to comment.
Craig
Seriously? 1984? Propaganda? I don't even want to know why you would go that far. Just because they market the CISSP as the gold standard? If the sky is blue and everyone says the sky is blue, do you scream "1984!"?
Check job listings for CISSP.
@CraginS wrote:
@Jerry wrote:As Josh wrote, CISSP is the gold standard. Get it if you can.
Jerry & Josh @joshmena ,
Uh, please note that "CISSP is the Gold Standard" pretty much because (ISC)2 keeps telling folks it is. It is good; it can be valuable; earning it does help educate you (if done correctly); I have had it for 17 years, and have never regretted earning or keeping it.
However, really .... ask yourself,, "Gold standard for what?"
Suggested reading :
1984 by George Orwell
Propaganda by Edward Bernays
Grandpa Rob @rslade and Diana @dcontesti as high-time CISSPs, please feel free to comment.
Craig
So I have had my CISSP for close to 25 years (man that makes me feel old)....I was in the initial batch of folks that sat for the exam when there were True/False questions, some of the above, none of the above, six distractors in some cases and even a section specific to Canadian law....
The CISSP was labeled the Gold Standard for a number of reasons in the early 2000s (first to be credified by ANSI, a very solid exam development process, ethical standards that needed to be followed....is it still? I would say it is a golden standard but maybe not the Gold Standard.
As Cragin has already stated, if you are on the physical side of Security, you might be better to obtain a cert form ASIS as they specialize in Physical Security.
I think gaining the CISSP is a worthwhile goal but I would do ASIS first as the initial writer stated they have a couple of Security certs that will probably provide a good basis for them....I see the CISSP as rounding out the knowlege.
oh by the way, I am glad that I got my CISSP, I have learned many things and developed a good network of folks that I can rely on, and yes, I still learn new things everyday.
my nickel canadian
d